GnuPG does not use OpenSSL, so gpg keys are not impacted by the
vulnerability. However, keys that were stored on systems that could be
attacked by using weak SSH keys, or other means, could be indirectly
exposed, and gpg passphrases sent over ssh connections using weak SSH
keys could be potentially exposed.